Solved: Syslog error message Cisco ASA (305006)

bastion2011 · ‎12-20-2011

Hi i keep getting an error message, ive tried several things to resolve it but still no succes.

This is the exact error message:

regular translation creation failed for protocol 41 src Customer: dst outside:

Does anyone know how to resolve this?

thanks already

puseth · ‎12-20-2011

Jan,

Thanks for the reply.

If you are not using IPv6 and you have no problems in the network then you can safely ignore this message.

However if you look at this message we see the source as Helpdesk_Bastion machine and destination as

83.80.22.214.

What kind of a machine is this "Helpdesk_Bastion"? Is this Windows 7? Because they use IPv6 to IPv4 by default?

There are 2 ways to ignore this message.

1. Disable this log message.

no logging message 305006.

But i'll not recommend it, because it will completely disable this log message to print and if sometime in future there is some valid traffic failing through the ASA due to nat then we will never come to know about this log message.

2. We can rate limit this log message, to not appear everytime ASA sees this kind of packet

logging rate-limit 10 3600 message 305006.

This will print this log message 10 times in 3600 seconds i.e 1 hr.

Meanwhile you can if host "Helpdesk_Bastion" is sending some IPV6 traffic? And Why?

Puneet

"Please rate the post if your questions are answered."

View solution in original post

puseth · ‎12-20-2011

Jan

IP protocol 41 is a tunneling protocol which is used to encapsulate IPv6
packets within IPv4,

The direct encapsulation of IPv6 datagrams within IPv4 packets is indicated by IP protocol number 41.

Are you using IPv6 in your network?

This log indicates that a packet is trying to make out from your network using Source Interface named Customer and destination interface Outside but doesnt have a nat entry to go out.

Can you please post the complete log along with ip addresses if you see something there?

Can you please post your configuration here for us to help you out further on this?

The ASA does not translate and IPv6 traffic.

Are you just worried about something not working looking at the log message? Or is there something which cannot work due to this?

Puneet

bastion2011 · ‎12-20-2011

Hi thanks for your replie

I am not using ipv6.

There are no problems what so ever i just like to resolve the error message.

I have posted my config and a printscreen of the error message

puseth · ‎12-20-2011

Jan,

Thanks for the reply.

If you are not using IPv6 and you have no problems in the network then you can safely ignore this message.

However if you look at this message we see the source as Helpdesk_Bastion machine and destination as

83.80.22.214.

What kind of a machine is this "Helpdesk_Bastion"? Is this Windows 7? Because they use IPv6 to IPv4 by default?

There are 2 ways to ignore this message.

1. Disable this log message.

no logging message 305006.

But i'll not recommend it, because it will completely disable this log message to print and if sometime in future there is some valid traffic failing through the ASA due to nat then we will never come to know about this log message.

2. We can rate limit this log message, to not appear everytime ASA sees this kind of packet

logging rate-limit 10 3600 message 305006.

This will print this log message 10 times in 3600 seconds i.e 1 hr.

Meanwhile you can if host "Helpdesk_Bastion" is sending some IPV6 traffic? And Why?

Puneet

"Please rate the post if your questions are answered."

bastion2011 · ‎12-20-2011

Hi puneet

Thanks very much for the replies, the helpdesk is a windows 7 computer. im going to check all the thing you mentioned above.

Thanks for youre help!